03:51 PM
Dark Reading
Dark Reading
Products and Releases

Merchant Link Announces End-To-End Encryption And Tokenization To Reduce PCI Burden

Solution secures both 'data in-flight' and 'data at rest'

SILVER SPRING, MD (August 3, 2010) -- As merchants face the ongoing challenge of PCI compliance and securing their customers’ credit card data, Merchant Link, a leader in the secure payment gateway market, today announces that it is offering a combined end-to-end encryption (E2EE) and tokenization solution which will dramatically lower the cost of attaining and maintaining PCI compliance.

Hotels, restaurants and retailers will now benefit from Merchant Link’s E2EE solution as well as the TransactionVault' tokenization solution. From the point of swipe to transaction completion, Merchant Link’s comprehensive solution secures both “data in-flight” and “data at rest,” meaning both stored credit card data and transaction data flowing through networks will be protected from hackers and cyber criminals. This both dramatically reduces risk of a breach and reduces PCI scope up to 81% based on the PCI Self-Assessment Guidelines.

“The new solution protects credit card data throughout the entire transaction life cycle,” said Dan Lane, Chief Technology Officer, Merchant Link. “Further, both end-to-end encryption and tokenization are expected to be key solutions highlighted in the October 2010 release of the next PCI DSS standard. The offering demonstrates our ongoing commitment to provide the highest level of security and service in the industry, allowing our customers to get out of the credit card business and focus on their core mission.”

Key Advantages:

ENCRYPTING WITHIN THE MSR / DECRYPTING OUTSIDE YOUR IT ENVIRONMENT: The new solution encrypts sensitive credit card information within the actual magnetic stripe reader (MSR) right at the point of swipe and as it travels through the merchant’s IT environment. Decryption occurs within Merchant Link’s hosted payment gateway, away from merchant systems and thus dramatically reduces the risk of compromised data.

COMBINING E2EE WITH NEXT GENERATION TOKENIZATION: Layering tokenization with end-to-end encryption greatly improves data security. Merchant Link’s TransactionVault tokenization solution uses tokens that distinguish themselves from others by remaining associated with the card. This allows the tokens to be tracked for all guest transactions, customer analytics, and marketing purposes. TransactionVault is in use at more than 15,000 restaurants, hotels and retail establishments and is the most widely adopted tokenization solution on the market.

FLEXIBILITY: The new solution is designed to integrate with any encrypting device, offering merchants flexibility in their hardware solutions. In addition, the Merchant Link Payment GatewayTM connects to all major credit card processors and offers merchants the freedom to switch between processors quickly, easily and efficiently, keeping them in control of their offerings and rates.

About Merchant Link

Merchant Link is a leading payments gateway company, providing PCI compliance, secure solutions, data transport services and comprehensive technology to merchants, software providers and credit card processors. Its premier product, TransactionVault', features next generation tokenization technology by replacing each card number with unique, multi-use tokens. Merchant Link currently supports more than 150,000 hotels, restaurants, retail stores, and other venues, and maintains connectivity to the major US payment card processors. Founded in 1993 and headquartered in Silver Spring, Md., Merchant Link handles more than 3 billion transactions for some of the world's best-known merchants. Further information is available at

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: just wondering...Thanx
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.